Hi
Code:
pam_umask.so [debug] [silent] [usergroups] [umask=mask]
· umask= argument
· UMASK entry from /etc/login.defs
I see. I was under the impression that the umask you highlighted in red was the parameter passed to pam_umask.so that i have highlighted above. I thought it fell through to the option i have highlighted in green.
Working through the configuration files...
Code:
matthew@matthew-Aspire-7540:~$ grep -i umask /etc/skel/.profile
# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022
matthew@matthew-Aspire-7540:~$
Code:
matthew@matthew-Aspire-7540:~$ grep -i umask /etc/profile
# The default umask is now handled by pam_umask.
# See pam_umask(8) and /etc/login.defs.
matthew@matthew-Aspire-7540:~
Code:
DESCRIPTION
pam_umask is a PAM module to set the file mode creation mask of the current environment. The umask affects the default permissions assigned to newly created
files.
The PAM module tries to get the umask value from the following places in the following order:
· umask= argument
· umask= entry of the users GECOS field
· pri= entry of the users GECOS field
· ulimit= entry of the users GECOS field
· UMASK= entry from /etc/default/login
· UMASK entry from /etc/login.defs
Code:
matthew@matthew-Aspire-7540:~$ egrep -i "umask|USERGROUPS_ENAB" /etc/login.defs
# UMASK Default "umask" value.
# UMASK is the default umask value for pam_umask and is used by
# 022 is the "historical" value in Debian for UMASK
# If USERGROUPS_ENAB is set to "yes", that will modify this UMASK default value
UMASK 022
# Enable setting of the umask group bits to be the same as owner bits
USERGROUPS_ENAB yes
matthew@matthew-Aspire-7540:~$
I came accross this a while ago when i found out that motd has gone to pam (i wanted to customise my ssh motd).
I have not worked through the boot process of these scripts so i am not sure if this is redundant or the new way to define umask.
I will look into this.
Kind regards
Bookmarks